Infrastructure | Knowledge Base

Cloud Computing

https://aws.amazon.com/compliance/shared-responsibility-model

Analysis | Knowledge Base | Operations | Techniques | Threat Intelligence | Tools

Cyber Analysis 102
By

Endpoint Analysis & Asset Investigation — L1 SOC Analyst Guide Overview This guide covers the initial steps for investigating endpoint alerts for the L1 Analyst onboarding. The focus is on determining whether a known malicious hash exists in the environment and identifying the affected device and its user. By the end of this section you…

Read More Cyber Analysis 102
Knowledge Base | Tools

Axonius — Tool Overview
By

What is Axonius? Axonius is a Cyber Asset Attack Surface Management (CAASM) platform that aggregates and correlates device and user data from across the organization’s existing security and IT tools. Rather than replacing existing tools, Axonius continuously normalizes, deduplicates, and enriches aggregated asset data to provide a complete and accurate picture of the entire technology…

Read More Axonius — Tool Overview
Analysis | Knowledge Base | Techniques | Tools

The Global Hunt (Tanium)
By

Goal: Use a “Fingerprint” (MD5 Hash) to see if a file is on any computer in the company. The “Checklist”

Read More The Global Hunt (Tanium)
Hardware | Knowledge Base

Hard Drives
By

In the world of data storage, SSD and HDD are the two main technologies for storing your files. The difference primarily comes down to moving parts vs. flash memory. HDD (Hard Disk Drive) An HDD is the traditional storage technology. It uses physical, spinning magnetic platters and a moving “read/write head” to access data—much like…

Read More Hard Drives
Knowledge Base | Tools

VirusTotal — Tool Overview
By

What is VirusTotal? VirusTotal is a free, web-based threat intelligence service that aggregates results from over 70 antivirus engines, URL scanners, and security vendors to analyze suspicious files, hashes, URLs, IP addresses, and domains. It is widely used across the security community as a quick and reliable reference point during threat investigations. No account or…

Read More VirusTotal — Tool Overview
Analysis | Knowledge Base | Operations | Platforms | Techniques | Threat Intelligence | Tools

Common Terms
By

Glossary of Security Terms and Definitions Objective: To standardize technical terminology within the Security Operations Center (SOC) and ensure accurate communication during endpoint investigations. 1. MD5 Hash (Message Digest Algorithm 5) A unique 32-character cryptographic string used to represent a file’s digital identity. It serves as a fixed-length “fingerprint” that remains constant regardless of file…

Read More Common Terms

Similar Posts